Effective Data Security model for Cloud Computing

Project title as per Unisys

Cloud 20/20 V4 Contest Topics

:Security in cloud computing

Project team members

: R. Pavithra
[email protected]
P. Pooja
[email protected]
V. Vijayalakshmi
[email protected]

Project Guide

: Mr. Rejin Paul

[email protected]

Name of the institution

: Velammal Institute of technology

Panchetti

ABSTRACT:
Cloud Computing has been envisioned as the next generation architecture of IT Enterprise. In
contrast to traditional solutions, where the IT services are under proper physical, logical and
personnel controls. Cloud Computing moves the application software and databases to the large
data centers, where the management of the data and services may not be fully trustworthy. This
unique attribute, however, poses many new security challenges which have not been well
understood. Correct security controls should be implemented according to asset, threat, and
vulnerability risk assessment matrices. While cloud security concerns can be grouped into any
number of dimensions of concern, these dimensions have been aggregated into three general
areas: Security and Privacy, Compliance, and Legal or Contractual Issues. There are a number of
security issues/concerns associated with cloud computing but these issues fall into two broad
categories: Security issues faced by cloud providers (organizations providing Software-,
Platform-, or Infrastructure-as-a-Service via the cloud) and security issues faced by their
customers. Service delivery model is one of many aspects that need to be considered for a
comprehensive survey on cloud security. Security at different levels such as Network level, Host
level and Application level is necessary to keep the cloud up and running continuously. One of
the pieces of our framework might be developing a way to monitor the clouds management
software, and another might be development of isolated processing for specific clients
applications. This Project analyses the basic problem of cloud computing data security. With the
analysis of HDFS architecture, we get the data security requirement of cloud computing and set
up a mathematical data model for cloud computing. Finally we build a data security model for
cloud computing.

INTRODUCTION:
Cloud computing appeared in 2006, when Amazons Elastic Computing Cloud (EC2) fires the
world. Many information Enterprises develop their platform for cloud computing. In 2007, Dell
releases his solution of cloud computing, at the same time IBMs Blue Cloud comes in. Such as
Googles Mapreduce, Microsoftwares Windows Azure .According to an estimation , by 2012,
the Cloud computing market should reach $420 billion. All this have show the coming of the
epoch time of cloud computing. The emergence of the Cloud system has simplified the
deployment of large-scale distributed systems for software vendors. The Cloud system provides a
simple and unified interface between vendor and user, allowing vendors to focus more on the
software itself rather than the underlying framework. Applications on the Cloud include Software
as a Service system and Multi-tenant databases . The Cloud system dynamically allocates
computational resources in response to customers resource reservation requests and in
accordance with customers predesigned quality of service. Risk coming with opportunity, the
problem of data security in Cloud computing become bottleneck of cloud computing. In this

project we want to set up a security model for cloud computing and the details of reqirement of
the security.
The requirement of the security are : The client authentication requirements in login , The
existence of a single point of failure in Namenode, The rapid recovery of data blocks and r/w
rights control.
In addition to the above three requirements, the other, such as access control, file encryption,
such as demand for cloud computing model for data security issues must be taken into account.

SECURITY PROBLEMS:
A. Security Problem Drive from VM
Whether the IBM's Blue Cloud or the Microsofts Windows Azure, the virtual machine
technology is considered as a cloud computing platform of the fundamental component, the
differences between Blue Cloud and Windows Azure is that virtual machine running on Linux
operating system or Microsoft Windows operating system. Virtual Machine technology bring
obvious advantages, it allows the operation of the server which is no longer dependent on the
physical device, but on the virtual servers. In virtual machine, a physical change or migration
does not affect the services provided by the service provider. if user need more services, the
provider can meet users needs without having to concern the physical hardware. However, the
virtual server from the logical server group brings a lot of security problems.
B. The Existence of Super-user
For the enterprise providing cloud computing services, they have the right to carry out the
management and maintenance of data, the existence of super-users to greatly simplify the data
management function, but it is a serious threat to user privacy. Super-powers is a doubleedged
sword, it brings convenience to users and at the same time poses a threat to users. In an era of
personal privacy, personal data should be really protected, and the fact that cloud computing
platform to provide personal services in the confidentiality of personal privacy on the existence
of defects. Not only individual users but also the organizations have similar potential threats,
e.g.corporate users and trade secrets stored in the cloud computing platform may be stolen.
Therefore the use of super user rights must be controlled in the cloud.
C. Consistency of Data
Cloud environment is a dynamic environment, where the user's data transmits from the data
centre to the user's client. For the system, the user's data is changing all the time. Read and write
data relating to the identity of the user authentication and permission issues. In a virtual machine,
there may be different users data which must be strict managed. The traditional model of access
control is built in the edge of computers, so it is weak to control reading and writing among
distributed computers. It is clear that traditional access control is obviously not suitable for

cloud computing environments. In the cloud computing environment, the traditional access
control mechanism has serious shortcomings.
DATA SECURITY MODEL:
A. Principle of Data Security
All the data security technic is built on confidentiality, integrity and availability of these three
basic principles. Confidentiality refers to the so-called hidden the actual data or information,
especially in the military and other sensitive areas, the confidentiality of data on the more
stringent requirements. For cloud computing, the data are stored in "data center", the security and
confidentiality of user data is even more important. The so-called integrity of data in any state is
not subject to the need to guarantee unauthorized deletion, modification or damage. The
availability of data means that users can have the expectations of the use of data by the use of
capacity.
B. Data Security Model
Data model of cloud computing can be described in as follows:

The model used three-level defense system structure, in which each floor performs its own duty
to ensure that the data security of cloud layers. The first layer: responsible for user
authentication, the user of digital certificates issued by the appropriate, manage user permissions;
The second layer: responsible for user's data encryption, and protect the privacy of users through
a certain way; The third layer: The user data for fast recovery, system protection is the last layer
of user data. With three-level structure, user authentication is used to ensure that data is not
tampered. The user authenticated can manage the data by operations: Add, modify, delete and so
on. If the user authentication system is deceived by illegal means, and malign user enters the
system, file encryption and privacy protection can provide this level of defense. In this layer user
data is encrypted, even if the key was the illegally accessed, through privacy protection, malign

user will still be not unable to obtain effective access to information, which is very important to
protect business users trade secrets in cloud computing environment. Finally, the rapid
restoration of files layer, through fast recovery algorithm, makes user data be able to get the
maximum recovery even in case of damage.